The cleanest method is to scope your notes by user instead of searching the whole class:
@note = @user.notes.find(params[:id]) On Sep 5, 7:25 pm, nobosh <bhellm...@gmail.com> wrote: > This hack ends up working. Is there a cleaner, ruby trick to getting > this to work? > > @note = Note.find(params[:id]) > @note_userid = @note.user_id > @current_userid = current_user.id > redirect_to(root_path) unless @current_userid == > @note_userid > > thxs! > > On Sep 5, 4:07 pm, nobosh <bhellm...@gmail.com> wrote: > > > > > Hello, I'm a Rails newbie.... Here's what I'm trying to do.... > > > I created a scaffold for notes (t.text :content, t.integer :user_id) > > What I want to do now is only allow user's to view notes that they > > created. ie (== user_id) > > > In my /app/controllers/notes_controller.rb > > > I have the following: > > > class NotesController < ApplicationController > > before_filter :authenticate > > before_filter :correct_user > > . > > . > > . > > def correct_user > > @noteuserid = Note.find(:conditions=>["note.user_id=?", > > @noteuserid]) > > redirect_to(root_path) unless current_user?(@noteuserid) > > end > > > I'm having problems understanding how to write the following line: > > @noteuserid = Note.find(:conditions=>["note.user_id=?", @noteuserid]) > > > Right now I'm using the system in the Rails 3 Tutorial Book: > > railstutorial.org/chapters/sign-in-sign-out#sec:current_user > > > Seems like the problem is current_user is an object, not an ID... Not > > sure how to make the two comparable? > > > Thanks -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-t...@googlegroups.com. To unsubscribe from this group, send email to rubyonrails-talk+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
